The rapid growth of information in IT context causes the IT companies outsource their information to data centers out of them. Since data security and privacy are among the main issues of outsourcing, IT admins should use cryptographic techniques to address these problems. Searchable encryption plays an important role in the context of outsourcing a company's information. In this paper we propose a Secure communication scheme for Cloud Storage. We use a built-in mechanism to check the message integrity without using message digest, this will decrease the overhead of network traffic significantly. At first, we describe an attack to the SPKS (state of the art searchable cryptographic schemes for Cloud Storage networks) and show that the lack of client signature in SPKS helps intruders to forge the encrypted data. Then we propose a modified version of this scheme and prove its security against the forgery attack.

In the outsourcing of the data, the management of the data is delegated as a service to the external service provider. However, security issues related to outsourced data create many challenges in this regard. So far, many studies have been done to increase security, each with its own advantages and disadvantages. In this research, assuming the unreliable external service providers in the Cloud and relying on cryptographic mechanisms and secret sharing techniques, a method has been proposed to provide the security of outsourcing data, and even provide them with keep hidden from external trusted service providers. In the proposed method, lattice-based encryption is also used. Using lattice encryption, data security is strongly guaranteed against quantum attacks. The evaluation of the proposed method in this paper explains the security of outsourced data. It is also shown that runtime, bandwidth and memory usage of the proposed method are improved compared to previous methods. Meanwhile, in this way, the information is broken down into the number of service providers and each part is sent to a service provider, thereby reducing the bandwidth and memory by eliminating the repetition of the data.

The use of NoSQL data and its Storage in the Cloud is growing rapidly. Due to the accumulation of data in the Cloud, data security against untrusted service providers as well as external attackers becomes a more serious problem. Over the past few years, there are some efforts to Secure the outsourcing of NoSQL data, especially column-based and document-based models. However, practical solutions for Secure outsourcing of key-value databases have not been identified. This paper attempts to introduce SecureKV as a Secure method for outsourcing key-value databases. This method employs a multi-Cloud Storage scenario to preserve outsourced data confidentiality. Besides security issues, the proposed method supports executing major key-value queries directly on outsourced data. A prototype of the Redis database management system has been implemented to show the efficiency and effectiveness of the proposed method. The results imply that, besides security issues, it is efficient and scalable enough in executing key-value-specific queries.

In Cloud computing and the data Storage services they offer, what impedes their adoption by organizations with classified data is the issue of security (confidentiality, integrity, availability). Although, the confidentiality of data could be preserved against external adversary by the server-side encryption, the Cloud owner or Cloud’ s super users still are in possession of encryption keys. Hence they have access to users’ data which compromise their confidentiality. In this paper, we offer the SeIDA (PAD) algorithm which enables us to confidently outsource our security-sensitive data to untrusted Cloud environments and benefit their features. Despite conventional methods which store data on one specific Cloud service provider, the SeIDA algorithm breaks the user’ s file into N distinct, unrecognizable segments and stores each one on a different Cloud. We have accomplished this by adding a lightweight pre-processing phase to Rabin’ s information dispersal algorithm while at the same time, we have employed a novel distributed-based key management technique for achieving keyless security and hence we obviate many of the related challenges (Secure key generation, preserving encryption keys etc. ). Due to SeIDA’ s efficiency, other than a web application, it can be directly implemented and utilized as a mobile application.

While private Clouds provide high security and low cost for scheduling workflow, public Clouds in addition to higher costs, are potentially exposed to the risk of data and computation breach. However, in real world, needs for high performance resources and high capacity Storage devices encourage organizations to use resources in public Clouds. Task scheduling, therefore, is one of the most important challenges in Cloud computing. In this paper, whilst considering the security issue, a new scheduling method is proposed for workflow applications in hybrid Cloud. Specifically, sensitivity of tasks, which has been considered in recent works, as well as security requirement for data and security strength for both resources and channels are taken into account. The proposed scheduling method is implemented in improved Particle Swarm Optimization (PSO-WSCS) algorithm. The goal function, is minimizing the security distance of data and workflow from security strengths of resources and channels such that time and budget constraints are observed. The proposed PSO-WSCS algorithm, which is based on original PSO with some modifications, is compared with three similar scheduling algorithms, namely VNPSO, MPSO and MPSO-SA, in hybrid Cloud. Evaluations show the effectiveness of our algorithm in finding resources whose security aspects have high resemblance to the security requirements. This is displayed by an average improvement of 40% in the studied samples.

The aim of this research is to design a Secure model based on Cloud computing for smart meter reading as the Internet of Things. First, library studies are conducted and then a model is designed that receives data from smart meters and stores it in a Cloud computing system, which encounters a volume of big data. In this model, the goal is to determine the network load in the first stage and then separate conventional data from unconventional data. This is the basis for security and prevention of theft from the network. Conventional data indicates theft from the network, while conventional data indicates no theft. First, load prediction is performed using machine learning algorithms and it has been shown that the random forest algorithm is 95% capable of predicting the network load based on 4 specified input variables. Then, the degree of conventionality or unconventionality of the predicted data was determined using the convolutional neural network algorithm, which has shown that the convolutional neural network algorithm is able to predict and classify conventional and unconventional data with the least error and distinguish them from each other. Therefore, this algorithm provides reliable results regarding theft from the energy network through smart meters.

Reliable access control is a major challenge of Cloud Storage services. This paper presents a Cloud-based file-sharing architecture with ciphertext-policy attribute-based encryption (CP-ABE) access control mechanism. In CP-ABE, the data owner can specify the ciphertext access structure, and if the user key satisfies this access structure, the user can decrypt the ciphertext. The trusted authority embeds the private key of each attribute in a so-called attribute access polynomial and stores its coefficients publicly on the Cloud. By means of the access polynomial, each authorized user will be able to retrieve the private key of the attribute by using her/his owned pre-shard key. In contrast, the data owner encrypts the file with a randomly selected key, namely the cipher key. The data owner encrypts the cipher key by CP-ABE scheme with the desired policies. Further, the data owner can create a different polynomial called query access polynomial for multi-keyword searching. Finally, the data owner places the encrypted file along the encrypted cipher key and query access polynomial in the Cloud. The proposed scheme supports fast attribute revocation using updating the corresponding access polynomial and re-encrypting the affected cipher keys by the Cloud server. Moreover, most of the calculations at the decryption and searching phases are outsourced to the Cloud server, thereby allowing the lightweight nodes with limited resources to act as data users. Our analysis shows that the proposed scheme is both Secure and efficient.

Remote data auditing (RDA) protocols enable a Cloud server to persuade an auditor that it is storing a data file honestly. Unlike digital signature (DS) schemes, in RDA protocols, the auditor can carry out the auditing procedure without having the entire data file. Therefore, RDA protocols seem to be attractive alternatives to DSs as they can effectively reduce bandwidth consumption. However, existing RDA protocols do not provide adequately powerful tools for user authentication. In this paper, we put forward a novel attribute-based remote data auditing and user authentication scheme. In our proposed scheme, without having a data file outsourced to a Cloud server, an auditor can check its integrity and the issuer’, s authenticity. Indeed, through a challenge-response protocol, the auditor can check whether 1) the Cloud server has changed the content of the data file or not,2) the data owner possesses specific attributes or not. We show that our scheme is Secure under the hardness assumption of the bilinear Diffie-Hellman (BDH) problem.